Merge pull request #1322 from thaJeztah/18.09_backport_bump_kube_deps

[18.09] backport: bump kube dependency to 1.11.2

appveyor.yml

@@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli
 
 environment:
   GOPATH: c:\gopath
-  GOVERSION: 1.10.3
+  GOVERSION: 1.10.4
   DEPVERSION: v0.4.1
 
 install:

cli/command/system/info.go

@@ -204,6 +204,9 @@ func prettyPrintInfo(dockerCli command.Cli, info types.Info) error {
 	}
 
 	fmt.Fprintln(dockerCli.Out(), "Live Restore Enabled:", info.LiveRestoreEnabled)
+	if info.ProductLicense != "" {
+		fmt.Fprintln(dockerCli.Out(), "Product License:", info.ProductLicense)
+	}
 	fmt.Fprint(dockerCli.Out(), "\n")
 
 	printWarnings(dockerCli, info)

dockerfiles/Dockerfile.binary-native

@@ -1,4 +1,4 @@
-FROM    golang:1.10.3-alpine
+FROM    golang:1.10.4-alpine
 
 RUN     apk add -U git bash coreutils gcc musl-dev
 

dockerfiles/Dockerfile.cross

@@ -1,3 +1,3 @@
-FROM    dockercore/golang-cross:1.10.3@sha256:7671b4ed357fda50124e5679d36c4c3206ded4d43f1d2e0ff3d120a1e2bf94d7
+FROM    dockercore/golang-cross:1.10.4@sha256:55c7b933ac944f4922b673b4d4340d1a0404f3c324bd0b3f13a4326c427b1f2a
 ENV     DISABLE_WARN_OUTSIDE_CONTAINER=1
 WORKDIR /go/src/github.com/docker/cli

dockerfiles/Dockerfile.dev

@@ -1,5 +1,5 @@
 
-FROM    golang:1.10.3-alpine
+FROM    golang:1.10.4-alpine
 
 RUN     apk add -U git make bash coreutils ca-certificates curl
 

dockerfiles/Dockerfile.e2e

@@ -1,4 +1,4 @@
-ARG GO_VERSION=1.10.3
+ARG GO_VERSION=1.10.4
 
 FROM docker/containerd-shim-process:a4d1531 AS containerd-shim-process
 

dockerfiles/Dockerfile.lint

@@ -1,4 +1,4 @@
-FROM    golang:1.10.3-alpine
+FROM    golang:1.10.4-alpine
 
 RUN     apk add -U git
 

docs/reference/commandline/dockerd.md

@@ -1297,6 +1297,7 @@ This is a full example of the allowed configuration options on Linux:
 	"exec-opts": [],
 	"exec-root": "",
 	"experimental": false,
+	"features": {},
 	"storage-driver": "",
 	"storage-opts": [],
 	"labels": [],
@@ -1392,6 +1393,7 @@ This is a full example of the allowed configuration options on Windows:
     "dns-search": [],
     "exec-opts": [],
     "experimental": false,
+    "features":{},
     "storage-driver": "",
     "storage-opts": [],
     "labels": [],
@@ -1446,11 +1448,12 @@ The list of currently supported options that can be reconfigured is this:
   the runtime shipped with the official docker packages.
 - `runtimes`: it updates the list of available OCI runtimes that can
   be used to run containers.
-- `authorization-plugin`: specifies the authorization plugins to use.
+- `authorization-plugin`: it specifies the authorization plugins to use.
 - `allow-nondistributable-artifacts`: Replaces the set of registries to which the daemon will push nondistributable artifacts with a new set of registries.
 - `insecure-registries`: it replaces the daemon insecure registries with a new set of insecure registries. If some existing insecure registries in daemon's configuration are not in newly reloaded insecure resgitries, these existing ones will be removed from daemon's config.
 - `registry-mirrors`: it replaces the daemon registry mirrors with a new set of registry mirrors. If some existing registry mirrors in daemon's configuration are not in newly reloaded registry mirrors, these existing ones will be removed from daemon's config.
 - `shutdown-timeout`: it replaces the daemon's existing configuration timeout with a new timeout for shutting down all containers.
+- `features`: it explicitly enables or disables specific features.
 
 Updating and reloading the cluster configurations such as `--cluster-store`,
 `--cluster-advertise` and `--cluster-store-opts` will take effect only if

internal/containerizedengine/progress.go

@@ -64,7 +64,7 @@ outer:
 				}
 			}
 
-			err := updateNonActive(ctx, ongoing, cs, statuses, keys, activeSeen, &done, start)
+			err := updateNonActive(ctx, ongoing, cs, statuses, &keys, activeSeen, &done, start)
 			if err != nil {
 				continue outer
 			}
@@ -92,11 +92,11 @@ outer:
 	}
 }
 
-func updateNonActive(ctx context.Context, ongoing *jobs, cs content.Store, statuses map[string]statusInfo, keys []string, activeSeen map[string]struct{}, done *bool, start time.Time) error {
+func updateNonActive(ctx context.Context, ongoing *jobs, cs content.Store, statuses map[string]statusInfo, keys *[]string, activeSeen map[string]struct{}, done *bool, start time.Time) error {
 
 	for _, j := range ongoing.jobs() {
 		key := remotes.MakeRefKey(ctx, j)
-		keys = append(keys, key)
+		*keys = append(*keys, key)
 		if _, ok := activeSeen[key]; ok {
 			continue
 		}

internal/licenseutils/types.go

@@ -10,7 +10,10 @@ var (
 
 	// licensingPublicKey is the official public license key for store.docker.com
 	// nolint: lll
-	licensingPublicKey = "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0Ka2lkOiBKN0xEOjY3VlI6TDVIWjpVN0JBOjJPNEc6NEFMMzpPRjJOOkpIR0I6RUZUSDo1Q1ZROk1GRU86QUVJVAoKTUlJQ0lqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FnOEFNSUlDQ2dLQ0FnRUF5ZEl5K2xVN283UGNlWSs0K3MrQwpRNU9FZ0N5RjhDeEljUUlXdUs4NHBJaVpjaVk2NzMweUNZbndMU0tUbHcrVTZVQy9RUmVXUmlvTU5ORTVEczVUCllFWGJHRzZvbG0ycWRXYkJ3Y0NnKzJVVUgvT2NCOVd1UDZnUlBIcE1GTXN4RHpXd3ZheThKVXVIZ1lVTFVwbTEKSXYrbXE3bHA1blEvUnhyVDBLWlJBUVRZTEVNRWZHd20zaE1PL2dlTFBTK2hnS1B0SUhsa2c2L1djb3hUR29LUAo3OWQvd2FIWXhHTmw3V2hTbmVpQlN4YnBiUUFLazIxbGc3OThYYjd2WnlFQVRETXJSUjlNZUU2QWRqNUhKcFkzCkNveVJBUENtYUtHUkNLNHVvWlNvSXUwaEZWbEtVUHliYncwMDBHTyt3YTJLTjhVd2dJSW0waTVJMXVXOUdrcTQKempCeTV6aGdxdVVYYkc5YldQQU9ZcnE1UWE4MUR4R2NCbEp5SFlBcCtERFBFOVRHZzR6WW1YakpueFpxSEVkdQpHcWRldlo4WE1JMHVrZmtHSUkxNHdVT2lNSUlJclhsRWNCZi80Nkk4Z1FXRHp4eWNaZS9KR1grTEF1YXlYcnlyClVGZWhWTlVkWlVsOXdYTmFKQitrYUNxejVRd2FSOTNzR3crUVNmdEQwTnZMZTdDeU9IK0U2dmc2U3QvTmVUdmcKdjhZbmhDaVhJbFo4SE9mSXdOZTd0RUYvVWN6NU9iUHlrbTN0eWxyTlVqdDBWeUFtdHRhY1ZJMmlHaWhjVVBybQprNGxWSVo3VkQvTFNXK2k3eW9TdXJ0cHNQWGNlMnBLRElvMzBsSkdoTy8zS1VtbDJTVVpDcXpKMXlFbUtweXNICjVIRFc5Y3NJRkNBM2RlQWpmWlV2TjdVQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo="
+	licensingPublicKeys = []string{
+		"LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0Ka2lkOiBKN0xEOjY3VlI6TDVIWjpVN0JBOjJPNEc6NEFMMzpPRjJOOkpIR0I6RUZUSDo1Q1ZROk1GRU86QUVJVAoKTUlJQ0lqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FnOEFNSUlDQ2dLQ0FnRUF5ZEl5K2xVN283UGNlWSs0K3MrQwpRNU9FZ0N5RjhDeEljUUlXdUs4NHBJaVpjaVk2NzMweUNZbndMU0tUbHcrVTZVQy9RUmVXUmlvTU5ORTVEczVUCllFWGJHRzZvbG0ycWRXYkJ3Y0NnKzJVVUgvT2NCOVd1UDZnUlBIcE1GTXN4RHpXd3ZheThKVXVIZ1lVTFVwbTEKSXYrbXE3bHA1blEvUnhyVDBLWlJBUVRZTEVNRWZHd20zaE1PL2dlTFBTK2hnS1B0SUhsa2c2L1djb3hUR29LUAo3OWQvd2FIWXhHTmw3V2hTbmVpQlN4YnBiUUFLazIxbGc3OThYYjd2WnlFQVRETXJSUjlNZUU2QWRqNUhKcFkzCkNveVJBUENtYUtHUkNLNHVvWlNvSXUwaEZWbEtVUHliYncwMDBHTyt3YTJLTjhVd2dJSW0waTVJMXVXOUdrcTQKempCeTV6aGdxdVVYYkc5YldQQU9ZcnE1UWE4MUR4R2NCbEp5SFlBcCtERFBFOVRHZzR6WW1YakpueFpxSEVkdQpHcWRldlo4WE1JMHVrZmtHSUkxNHdVT2lNSUlJclhsRWNCZi80Nkk4Z1FXRHp4eWNaZS9KR1grTEF1YXlYcnlyClVGZWhWTlVkWlVsOXdYTmFKQitrYUNxejVRd2FSOTNzR3crUVNmdEQwTnZMZTdDeU9IK0U2dmc2U3QvTmVUdmcKdjhZbmhDaVhJbFo4SE9mSXdOZTd0RUYvVWN6NU9iUHlrbTN0eWxyTlVqdDBWeUFtdHRhY1ZJMmlHaWhjVVBybQprNGxWSVo3VkQvTFNXK2k3eW9TdXJ0cHNQWGNlMnBLRElvMzBsSkdoTy8zS1VtbDJTVVpDcXpKMXlFbUtweXNICjVIRFc5Y3NJRkNBM2RlQWpmWlV2TjdVQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo=",
+		"LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0Ka2V5SUQ6IFpGSjI6Q1c1Szo1M0tSOlo0NUg6NlpVQzpJNFhFOlpUS1A6TVQ1UjpQWFpMOlNTNE46RjQ0NDo0U1Q0CmtpZDogWkZKMjpDVzVLOjUzS1I6WjQ1SDo2WlVDOkk0WEU6WlRLUDpNVDVSOlBYWkw6U1M0TjpGNDQ0OjRTVDQKCk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBd1FhVVRaUFhQZnloZFZVdkJkbXkKZlViYXZYL1pmdkNkMCtGREdNb0ZQazlUTlE1aVZPSkhaUVVNa2N2d2QrdVdaV3dvdWtEUGhZaWxEQTZ6Y3krQQowdERFQkF0Nmc5TGM3UFNXU1BZMTJpbWxnbC85RmJzQnZsSjFRc1RJNGlPUjQ1K0FsMHMxMWhaNG0wR1k4UXQ4CnpFN0RYU1BNUzVRTHlUcHlEemZkQURVcWFGRVcxNTVOQ3BaKzZ6N0lHZCt0V2xjalB3QzQwb3ppbWM1bXVUSWgKb2w1WG1hUFREYk45VzhDWGQ1ZWdUeEExZU43YTA3MWR0R1RialFMUEhvb0QxRURsbitvZjZ2VGFReUphWWJmQgpNRHF2NFdraG9QSzJPWWZ5OXVLR1lTNS9ieHIzUWVTUGRoWVFrQzl2YVZsRUtuTjFZaER6VXZVZGR1c3lyRUdICjd3SURBUUFCCi0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo=",
+	}
 )
 
 type (

internal/licenseutils/utils.go

@@ -45,7 +45,7 @@ func Login(ctx context.Context, authConfig *types.AuthConfig) (HubUser, error) {
 	lclient, err := licensing.New(&licensing.Config{
 		BaseURI:    *baseURI,
 		HTTPClient: &http.Client{},
-		PublicKey:  licensingPublicKey,
+		PublicKeys: licensingPublicKeys,
 	})
 	if err != nil {
 		return HubUser{}, err
@@ -151,7 +151,7 @@ func LoadLocalIssuedLicense(ctx context.Context, filename string) (*model.Issued
 	lclient, err := licensing.New(&licensing.Config{
 		BaseURI:    *baseURI,
 		HTTPClient: &http.Client{},
-		PublicKey:  licensingPublicKey,
+		PublicKeys: licensingPublicKeys,
 	})
 	if err != nil {
 		return nil, err

internal/pkg/containerized/proxy.go

@@ -0,0 +1,66 @@
+package containerized
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+)
+
+var (
+	proxydir = "/etc/containerd-proxy"
+)
+
+type proxyConfig struct {
+	ID        string   `json:"-"`
+	Namespace string   `json:"namespace"`
+	Image     string   `json:"image"`
+	ImagePath string   `json:"imagePath"`
+	Args      []string `json:"args"`
+	Scope     string   `json:"scope"`
+}
+
+func updateConfig(name, newImage string) error {
+	cfg, err := loadConfig(name)
+	if err != nil && os.IsNotExist(err) {
+		return nil
+	}
+	if err != nil {
+		return err
+	}
+	cfg.Image = newImage
+	cfg.ImagePath = ""
+	return storeConfig(name, cfg)
+}
+
+func loadConfig(name string) (*proxyConfig, error) {
+	configFile := filepath.Join(proxydir, name+".json")
+	data, err := ioutil.ReadFile(configFile)
+	if err != nil {
+		return nil, err
+	}
+	var cfg proxyConfig
+	err = json.Unmarshal(data, &cfg)
+	if err != nil {
+		return nil, err
+	}
+	return &cfg, nil
+}
+
+// storeConfig will write out the config only if it already exists
+func storeConfig(name string, cfg *proxyConfig) error {
+	configFile := filepath.Join(proxydir, name+".json")
+	fd, err := os.OpenFile(configFile, os.O_RDWR, 0644)
+	if err != nil && os.IsNotExist(err) {
+		return nil
+	}
+	if err != nil {
+		return err
+	}
+	err = fd.Truncate(0)
+	if err != nil {
+		return err
+	}
+	enc := json.NewEncoder(fd)
+	return enc.Encode(cfg)
+}

internal/pkg/containerized/proxy_test.go

@@ -0,0 +1,68 @@
+package containerized
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"testing"
+
+	"gotest.tools/assert"
+)
+
+func TestUpdateConfigNotExist(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "cfg-update")
+	assert.NilError(t, err)
+	defer os.RemoveAll(tmpdir)
+	origProxyDir := proxydir
+	defer func() {
+		proxydir = origProxyDir
+	}()
+	proxydir = tmpdir
+	name := "myname"
+	newImage := "newimage:foo"
+	err = updateConfig(name, newImage)
+	assert.NilError(t, err)
+}
+
+func TestUpdateConfigBadJson(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "cfg-update")
+	assert.NilError(t, err)
+	defer os.RemoveAll(tmpdir)
+	origProxyDir := proxydir
+	defer func() {
+		proxydir = origProxyDir
+	}()
+	proxydir = tmpdir
+	filename := filepath.Join(tmpdir, "dockerd.json")
+	err = ioutil.WriteFile(filename, []byte("not json"), 0644)
+	assert.NilError(t, err)
+	name := "dockerd"
+	newImage := "newimage:foo"
+	err = updateConfig(name, newImage)
+	assert.ErrorContains(t, err, "invalid character")
+}
+
+func TestUpdateConfigHappyPath(t *testing.T) {
+	tmpdir, err := ioutil.TempDir("", "cfg-update")
+	assert.NilError(t, err)
+	defer os.RemoveAll(tmpdir)
+	origProxyDir := proxydir
+	defer func() {
+		proxydir = origProxyDir
+	}()
+	proxydir = tmpdir
+	filename := filepath.Join(tmpdir, "dockerd.json")
+	err = ioutil.WriteFile(filename, []byte("{}"), 0644)
+	assert.NilError(t, err)
+	name := "dockerd"
+	newImage := "newimage:foo"
+	err = updateConfig(name, newImage)
+	assert.NilError(t, err)
+	data, err := ioutil.ReadFile(filename)
+	assert.NilError(t, err)
+	var cfg map[string]string
+	err = json.Unmarshal(data, &cfg)
+	assert.NilError(t, err)
+	assert.Assert(t, cfg["image"] == newImage)
+}

internal/pkg/containerized/snapshot.go

@@ -50,6 +50,10 @@ func WithUpgrade(i containerd.Image) containerd.UpdateContainerOpts {
 			return err
 		}
 		c.Image = i.Name()
+		err = updateConfig(c.ID, c.Image)
+		if err != nil {
+			return err
+		}
 		c.SnapshotKey = revision.Key
 		return nil
 	}
@@ -74,6 +78,10 @@ func WithRollback(ctx context.Context, client *containerd.Client, c *containers.
 		return fmt.Errorf("snapshot %s has an empty service image label", prev.Key)
 	}
 	c.Image = snapshotImage
+	err = updateConfig(c.ID, c.Image)
+	if err != nil {
+		return err
+	}
 	c.SnapshotKey = prev.Key
 	return nil
 }

vendor.conf

@@ -22,7 +22,7 @@ github.com/docker/go-events 9461782956ad83b30282bf90e31fa6a70c255ba9
 github.com/docker/go-metrics d466d4f6fd960e01820085bd7e1a24426ee7ef18
 github.com/docker/go-units 47565b4f722fb6ceae66b95f853feed578a4a51c # v0.3.3
 github.com/docker/libtrust 9cbd2a1374f46905c68a4eb3694a130610adc62a
-github.com/docker/licensing 369e530
+github.com/docker/licensing 5c4c7b4
 github.com/docker/swarmkit cfa742c8abe6f8e922f6e4e920153c408e7d9c3b
 github.com/flynn-archive/go-shlex 3f9db97f856818214da2e1057f8ad84803971cff
 github.com/ghodss/yaml 0ca9ea5df5451ffdf184b4428c902747c2c11cd7 # v1.0.0
@@ -92,9 +92,9 @@ google.golang.org/grpc v1.12.0
 gopkg.in/inf.v0 d2d2541c53f18d2a059457998ce2876cc8e67cbf # v0.9.1
 gopkg.in/yaml.v2 5420a8b6744d3b0345ab293f6fcba19c978f1183 # v2.2.1
 gotest.tools v2.1.0
-k8s.io/api kubernetes-1.11.0
-k8s.io/apimachinery kubernetes-1.11.0
-k8s.io/client-go kubernetes-1.11.0
+k8s.io/api kubernetes-1.11.2
+k8s.io/apimachinery kubernetes-1.11.2
+k8s.io/client-go kubernetes-1.11.2
 k8s.io/kube-openapi d8ea2fe547a448256204cfc68dfee7b26c720acb
-k8s.io/kubernetes v1.11.0
+k8s.io/kubernetes v1.11.2
 vbom.ml/util 256737ac55c46798123f754ab7d2c784e2c71783

vendor/github.com/docker/licensing/LICENSE

@@ -0,0 +1,191 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        https://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   Copyright 2013-2017 Docker, Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       https://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

vendor/github.com/docker/licensing/README.md

@@ -1,5 +1,12 @@
-# Licensing
----
+docker/licensing
+=========
+
 ## Overview
 
 *licensing* is a library for interacting with Docker issued product licenses. It facilitates user's authentication to the [Docker Store](https://store.docker.com), provides a mechanism for retrieving a user's existing licenses, detects and verifies locally stored licenses, and can be used to provision trial licenses for [Docker Enterprise Edition](https://www.docker.com/enterprise-edition).
+
+License
+=========
+docker/licensing is licensed under the Apache License, Version 2.0. See
+[LICENSE](https://github.com/docker/licensing/blob/master/LICENSE) for the full
+license text.

vendor/github.com/docker/licensing/client.go

@@ -193,9 +193,9 @@ func (c *client) ParseLicense(license []byte) (*model.IssuedLicense, error) {
 }
 
 type client struct {
-	publicKey libtrust.PublicKey
-	hclient   *http.Client
-	baseURI   url.URL
+	publicKeys []libtrust.PublicKey
+	hclient    *http.Client
+	baseURI    url.URL
 }
 
 // Config holds licensing client configuration
@@ -203,7 +203,7 @@ type Config struct {
 	BaseURI    url.URL
 	HTTPClient *http.Client
 	// used by licensing client to validate an issued license
-	PublicKey string
+	PublicKeys []string
 }
 
 func errorSummary(body []byte) string {
@@ -221,7 +221,7 @@ func errorSummary(body []byte) string {
 
 // New creates a new licensing Client
 func New(config *Config) (Client, error) {
-	publicKey, err := unmarshalPublicKey(config.PublicKey)
+	publicKeys, err := unmarshalPublicKeys(config.PublicKeys)
 	if err != nil {
 		return nil, err
 	}
@@ -232,12 +232,26 @@ func New(config *Config) (Client, error) {
 	}
 
 	return &client{
-		baseURI:   config.BaseURI,
-		hclient:   hclient,
-		publicKey: publicKey,
+		baseURI:    config.BaseURI,
+		hclient:    hclient,
+		publicKeys: publicKeys,
 	}, nil
 }
 
+func unmarshalPublicKeys(publicKeys []string) ([]libtrust.PublicKey, error) {
+	trustKeys := make([]libtrust.PublicKey, len(publicKeys))
+
+	for i, publicKey := range publicKeys {
+		trustKey, err := unmarshalPublicKey(publicKey)
+		if err != nil {
+			return nil, err
+		}
+
+		trustKeys[i] = trustKey
+	}
+	return trustKeys, nil
+}
+
 func unmarshalPublicKey(publicKey string) (libtrust.PublicKey, error) {
 	pemBytes, err := base64.StdEncoding.DecodeString(publicKey)
 	if err != nil {

vendor/github.com/docker/licensing/license.go

@@ -63,7 +63,7 @@ func (c *client) check(ctx context.Context, license model.IssuedLicense) (*model
 
 	key := keys[0]
 
-	if key.KeyID() != c.publicKey.KeyID() {
+	if !c.recognizedSigningKey(key) {
 		return nil, errors.New("unrecognized signing key")
 	}
 
@@ -93,6 +93,16 @@ func (c *client) check(ctx context.Context, license model.IssuedLicense) (*model
 	return checkRes, nil
 }
 
+// recognizedSigningKey returns true if the given key is signed with a recognized signing key, false otherwise
+func (c *client) recognizedSigningKey(key libtrust.PublicKey) bool {
+	for _, publicKey := range c.publicKeys {
+		if key.KeyID() == publicKey.KeyID() {
+			return true
+		}
+	}
+	return false
+}
+
 // getAuthorization returns the decoded license authorization
 func (c *client) getAuthorization(ctx context.Context, license model.IssuedLicense) ([]byte, error) {
 	decoded, err := base64.StdEncoding.DecodeString(license.Authorization)

vendor/k8s.io/api/autoscaling/v2beta1/generated.proto

@@ -31,29 +31,6 @@ import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
 // Package-wide variables from generator "generated".
 option go_package = "v2beta1";
 
-// ContainerResourcePolicy controls how autoscaler computes the recommended
-// resources for a specific container.
-message ContainerResourcePolicy {
-  // Name of the container or DefaultContainerResourcePolicy, in which
-  // case the policy is used by the containers that don't have their own
-  // policy specified.
-  optional string containerName = 1;
-
-  // Whether autoscaler is enabled for the container. The default is "Auto".
-  // +optional
-  optional string mode = 2;
-
-  // Specifies the minimal amount of resources that will be recommended
-  // for the container. The default is no minimum.
-  // +optional
-  map<string, k8s.io.apimachinery.pkg.api.resource.Quantity> minAllowed = 3;
-
-  // Specifies the maximum amount of resources that will be recommended
-  // for the container. The default is no maximum.
-  // +optional
-  map<string, k8s.io.apimachinery.pkg.api.resource.Quantity> maxAllowed = 4;
-}
-
 // CrossVersionObjectReference contains enough information to let you identify the referred resource.
 message CrossVersionObjectReference {
   // Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds"
@@ -312,26 +289,6 @@ message ObjectMetricStatus {
   optional k8s.io.apimachinery.pkg.api.resource.Quantity currentValue = 3;
 }
 
-// PodResourcePolicy controls how autoscaler computes the recommended resources
-// for containers belonging to the pod. There can be at most one entry for every
-// named container and optionally a single wildcard entry with `containerName` = '*',
-// which handles all containers that don't have individual policies.
-message PodResourcePolicy {
-  // Per-container resource policies.
-  // +optional
-  // +patchMergeKey=containerName
-  // +patchStrategy=merge
-  repeated ContainerResourcePolicy containerPolicies = 1;
-}
-
-// PodUpdatePolicy describes the rules on how changes are applied to the pods.
-message PodUpdatePolicy {
-  // Controls when autoscaler applies changes to the pod resources.
-  // The default is 'Auto'.
-  // +optional
-  optional string updateMode = 1;
-}
-
 // PodsMetricSource indicates how to scale on a metric describing each pod in
 // the current scale target (for example, transactions-processed-per-second).
 // The values will be averaged together before being compared to the target
@@ -356,39 +313,6 @@ message PodsMetricStatus {
   optional k8s.io.apimachinery.pkg.api.resource.Quantity currentAverageValue = 2;
 }
 
-// RecommendedContainerResources is the recommendation of resources computed by
-// autoscaler for a specific container. Respects the container resource policy
-// if present in the spec. In particular the recommendation is not produced for
-// containers with `ContainerScalingMode` set to 'Off'.
-message RecommendedContainerResources {
-  // Name of the container.
-  optional string containerName = 1;
-
-  // Recommended amount of resources.
-  map<string, k8s.io.apimachinery.pkg.api.resource.Quantity> target = 2;
-
-  // Minimum recommended amount of resources.
-  // This amount is not guaranteed to be sufficient for the application to operate in a stable way, however
-  // running with less resources is likely to have significant impact on performance/availability.
-  // +optional
-  map<string, k8s.io.apimachinery.pkg.api.resource.Quantity> lowerBound = 3;
-
-  // Maximum recommended amount of resources.
-  // Any resources allocated beyond this value are likely wasted. This value may be larger than the maximum
-  // amount of application is actually capable of consuming.
-  // +optional
-  map<string, k8s.io.apimachinery.pkg.api.resource.Quantity> upperBound = 4;
-}
-
-// RecommendedPodResources is the recommendation of resources computed by
-// autoscaler. It contains a recommendation for each container in the pod
-// (except for those with `ContainerScalingMode` set to 'Off').
-message RecommendedPodResources {
-  // Resources recommended by the autoscaler for each container.
-  // +optional
-  repeated RecommendedContainerResources containerRecommendations = 1;
-}
-
 // ResourceMetricSource indicates how to scale on a resource metric known to
 // Kubernetes, as specified in requests and limits, describing each pod in the
 // current scale target (e.g. CPU or memory).  The values will be averaged
@@ -437,89 +361,3 @@ message ResourceMetricStatus {
   optional k8s.io.apimachinery.pkg.api.resource.Quantity currentAverageValue = 3;
 }
 
-// VerticalPodAutoscaler is the configuration for a vertical pod
-// autoscaler, which automatically manages pod resources based on historical and
-// real time resource utilization.
-message VerticalPodAutoscaler {
-  // Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-  // +optional
-  optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
-
-  // Specification of the behavior of the autoscaler.
-  // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.
-  optional VerticalPodAutoscalerSpec spec = 2;
-
-  // Current information about the autoscaler.
-  // +optional
-  optional VerticalPodAutoscalerStatus status = 3;
-}
-
-// VerticalPodAutoscalerCondition describes the state of
-// a VerticalPodAutoscaler at a certain point.
-message VerticalPodAutoscalerCondition {
-  // type describes the current condition
-  optional string type = 1;
-
-  // status is the status of the condition (True, False, Unknown)
-  optional string status = 2;
-
-  // lastTransitionTime is the last time the condition transitioned from
-  // one status to another
-  // +optional
-  optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
-
-  // reason is the reason for the condition's last transition.
-  // +optional
-  optional string reason = 4;
-
-  // message is a human-readable explanation containing details about
-  // the transition
-  // +optional
-  optional string message = 5;
-}
-
-// VerticalPodAutoscalerList is a list of VerticalPodAutoscaler objects.
-message VerticalPodAutoscalerList {
-  // metadata is the standard list metadata.
-  // +optional
-  optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
-
-  // items is the list of vertical pod autoscaler objects.
-  repeated VerticalPodAutoscaler items = 2;
-}
-
-// VerticalPodAutoscalerSpec is the specification of the behavior of the autoscaler.
-message VerticalPodAutoscalerSpec {
-  // A label query that determines the set of pods controlled by the Autoscaler.
-  // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
-  optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 1;
-
-  // Describes the rules on how changes are applied to the pods.
-  // If not specified, all fields in the `PodUpdatePolicy` are set to their
-  // default values.
-  // +optional
-  optional PodUpdatePolicy updatePolicy = 2;
-
-  // Controls how the autoscaler computes recommended resources.
-  // The resource policy may be used to set constraints on the recommendations
-  // for individual containers. If not specified, the autoscaler computes recommended
-  // resources for all containers in the pod, without additional constraints.
-  // +optional
-  optional PodResourcePolicy resourcePolicy = 3;
-}
-
-// VerticalPodAutoscalerStatus describes the runtime state of the autoscaler.
-message VerticalPodAutoscalerStatus {
-  // The most recently computed amount of resources recommended by the
-  // autoscaler for the controlled pods.
-  // +optional
-  optional RecommendedPodResources recommendation = 1;
-
-  // Conditions is the set of conditions required for this autoscaler to scale its target,
-  // and indicates whether or not those conditions are met.
-  // +optional
-  // +patchMergeKey=type
-  // +patchStrategy=merge
-  repeated VerticalPodAutoscalerCondition conditions = 2;
-}
-

vendor/k8s.io/api/autoscaling/v2beta1/types.go

@@ -22,8 +22,6 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
-// ** Horizontal Pod Autoscaler types start here **
-
 // CrossVersionObjectReference contains enough information to let you identify the referred resource.
 type CrossVersionObjectReference struct {
 	// Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds"
@@ -372,212 +370,3 @@ type HorizontalPodAutoscalerList struct {
 	// items is the list of horizontal pod autoscaler objects.
 	Items []HorizontalPodAutoscaler `json:"items" protobuf:"bytes,2,rep,name=items"`
 }
-
-// ** Vertical Pod Autoscaler types start here **
-
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// VerticalPodAutoscalerList is a list of VerticalPodAutoscaler objects.
-type VerticalPodAutoscalerList struct {
-	metav1.TypeMeta `json:",inline"`
-	// metadata is the standard list metadata.
-	// +optional
-	metav1.ListMeta `json:"metadata" protobuf:"bytes,1,opt,name=metadata"`
-
-	// items is the list of vertical pod autoscaler objects.
-	Items []VerticalPodAutoscaler `json:"items" protobuf:"bytes,2,rep,name=items"`
-}
-
-// +genclient
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// VerticalPodAutoscaler is the configuration for a vertical pod
-// autoscaler, which automatically manages pod resources based on historical and
-// real time resource utilization.
-type VerticalPodAutoscaler struct {
-	metav1.TypeMeta `json:",inline"`
-	// Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
-	// +optional
-	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
-
-	// Specification of the behavior of the autoscaler.
-	// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.
-	Spec VerticalPodAutoscalerSpec `json:"spec" protobuf:"bytes,2,name=spec"`
-
-	// Current information about the autoscaler.
-	// +optional
-	Status VerticalPodAutoscalerStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
-}
-
-// VerticalPodAutoscalerSpec is the specification of the behavior of the autoscaler.
-type VerticalPodAutoscalerSpec struct {
-	// A label query that determines the set of pods controlled by the Autoscaler.
-	// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
-	Selector *metav1.LabelSelector `json:"selector" protobuf:"bytes,1,name=selector"`
-
-	// Describes the rules on how changes are applied to the pods.
-	// If not specified, all fields in the `PodUpdatePolicy` are set to their
-	// default values.
-	// +optional
-	UpdatePolicy *PodUpdatePolicy `json:"updatePolicy,omitempty" protobuf:"bytes,2,opt,name=updatePolicy"`
-
-	// Controls how the autoscaler computes recommended resources.
-	// The resource policy may be used to set constraints on the recommendations
-	// for individual containers. If not specified, the autoscaler computes recommended
-	// resources for all containers in the pod, without additional constraints.
-	// +optional
-	ResourcePolicy *PodResourcePolicy `json:"resourcePolicy,omitempty" protobuf:"bytes,3,opt,name=resourcePolicy"`
-}
-
-// PodUpdatePolicy describes the rules on how changes are applied to the pods.
-type PodUpdatePolicy struct {
-	// Controls when autoscaler applies changes to the pod resources.
-	// The default is 'Auto'.
-	// +optional
-	UpdateMode *UpdateMode `json:"updateMode,omitempty" protobuf:"bytes,1,opt,name=updateMode"`
-}
-
-// UpdateMode controls when autoscaler applies changes to the pod resoures.
-type UpdateMode string
-
-const (
-	// UpdateModeOff means that autoscaler never changes Pod resources.
-	// The recommender still sets the recommended resources in the
-	// VerticalPodAutoscaler object. This can be used for a "dry run".
-	UpdateModeOff UpdateMode = "Off"
-	// UpdateModeInitial means that autoscaler only assigns resources on pod
-	// creation and does not change them during the lifetime of the pod.
-	UpdateModeInitial UpdateMode = "Initial"
-	// UpdateModeRecreate means that autoscaler assigns resources on pod
-	// creation and additionally can update them during the lifetime of the
-	// pod by deleting and recreating the pod.
-	UpdateModeRecreate UpdateMode = "Recreate"
-	// UpdateModeAuto means that autoscaler assigns resources on pod creation
-	// and additionally can update them during the lifetime of the pod,
-	// using any available update method. Currently this is equivalent to
-	// Recreate, which is the only available update method.
-	UpdateModeAuto UpdateMode = "Auto"
-)
-
-// PodResourcePolicy controls how autoscaler computes the recommended resources
-// for containers belonging to the pod. There can be at most one entry for every
-// named container and optionally a single wildcard entry with `containerName` = '*',
-// which handles all containers that don't have individual policies.
-type PodResourcePolicy struct {
-	// Per-container resource policies.
-	// +optional
-	// +patchMergeKey=containerName
-	// +patchStrategy=merge
-	ContainerPolicies []ContainerResourcePolicy `json:"containerPolicies,omitempty" patchStrategy:"merge" patchMergeKey:"containerName" protobuf:"bytes,1,rep,name=containerPolicies"`
-}
-
-// ContainerResourcePolicy controls how autoscaler computes the recommended
-// resources for a specific container.
-type ContainerResourcePolicy struct {
-	// Name of the container or DefaultContainerResourcePolicy, in which
-	// case the policy is used by the containers that don't have their own
-	// policy specified.
-	ContainerName string `json:"containerName,omitempty" protobuf:"bytes,1,opt,name=containerName"`
-	// Whether autoscaler is enabled for the container. The default is "Auto".
-	// +optional
-	Mode *ContainerScalingMode `json:"mode,omitempty" protobuf:"bytes,2,opt,name=mode"`
-	// Specifies the minimal amount of resources that will be recommended
-	// for the container. The default is no minimum.
-	// +optional
-	MinAllowed v1.ResourceList `json:"minAllowed,omitempty" protobuf:"bytes,3,rep,name=minAllowed,casttype=ResourceList,castkey=ResourceName"`
-	// Specifies the maximum amount of resources that will be recommended
-	// for the container. The default is no maximum.
-	// +optional
-	MaxAllowed v1.ResourceList `json:"maxAllowed,omitempty" protobuf:"bytes,4,rep,name=maxAllowed,casttype=ResourceList,castkey=ResourceName"`
-}
-
-const (
-	// DefaultContainerResourcePolicy can be passed as
-	// ContainerResourcePolicy.ContainerName to specify the default policy.
-	DefaultContainerResourcePolicy = "*"
-)
-
-// ContainerScalingMode controls whether autoscaler is enabled for a specific
-// container.
-type ContainerScalingMode string
-
-const (
-	// ContainerScalingModeAuto means autoscaling is enabled for a container.
-	ContainerScalingModeAuto ContainerScalingMode = "Auto"
-	// ContainerScalingModeOff means autoscaling is disabled for a container.
-	ContainerScalingModeOff ContainerScalingMode = "Off"
-)
-
-// VerticalPodAutoscalerStatus describes the runtime state of the autoscaler.
-type VerticalPodAutoscalerStatus struct {
-	// The most recently computed amount of resources recommended by the
-	// autoscaler for the controlled pods.
-	// +optional
-	Recommendation *RecommendedPodResources `json:"recommendation,omitempty" protobuf:"bytes,1,opt,name=recommendation"`
-
-	// Conditions is the set of conditions required for this autoscaler to scale its target,
-	// and indicates whether or not those conditions are met.
-	// +optional
-	// +patchMergeKey=type
-	// +patchStrategy=merge
-	Conditions []VerticalPodAutoscalerCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,2,rep,name=conditions"`
-}
-
-// RecommendedPodResources is the recommendation of resources computed by
-// autoscaler. It contains a recommendation for each container in the pod
-// (except for those with `ContainerScalingMode` set to 'Off').
-type RecommendedPodResources struct {
-	// Resources recommended by the autoscaler for each container.
-	// +optional
-	ContainerRecommendations []RecommendedContainerResources `json:"containerRecommendations,omitempty" protobuf:"bytes,1,rep,name=containerRecommendations"`
-}
-
-// RecommendedContainerResources is the recommendation of resources computed by
-// autoscaler for a specific container. Respects the container resource policy
-// if present in the spec. In particular the recommendation is not produced for
-// containers with `ContainerScalingMode` set to 'Off'.
-type RecommendedContainerResources struct {
-	// Name of the container.
-	ContainerName string `json:"containerName,omitempty" protobuf:"bytes,1,opt,name=containerName"`
-	// Recommended amount of resources.
-	Target v1.ResourceList `json:"target" protobuf:"bytes,2,rep,name=target,casttype=ResourceList,castkey=ResourceName"`
-	// Minimum recommended amount of resources.
-	// This amount is not guaranteed to be sufficient for the application to operate in a stable way, however
-	// running with less resources is likely to have significant impact on performance/availability.
-	// +optional
-	LowerBound v1.ResourceList `json:"lowerBound,omitempty" protobuf:"bytes,3,rep,name=lowerBound,casttype=ResourceList,castkey=ResourceName"`
-	// Maximum recommended amount of resources.
-	// Any resources allocated beyond this value are likely wasted. This value may be larger than the maximum
-	// amount of application is actually capable of consuming.
-	// +optional
-	UpperBound v1.ResourceList `json:"upperBound,omitempty" protobuf:"bytes,4,rep,name=upperBound,casttype=ResourceList,castkey=ResourceName"`
-}
-
-// VerticalPodAutoscalerConditionType are the valid conditions of
-// a VerticalPodAutoscaler.
-type VerticalPodAutoscalerConditionType string
-
-var (
-	// RecommendationProvided indicates whether the VPA recommender was able to calculate a recommendation.
-	RecommendationProvided VerticalPodAutoscalerConditionType = "RecommendationProvided"
-)
-
-// VerticalPodAutoscalerCondition describes the state of
-// a VerticalPodAutoscaler at a certain point.
-type VerticalPodAutoscalerCondition struct {
-	// type describes the current condition
-	Type VerticalPodAutoscalerConditionType `json:"type" protobuf:"bytes,1,name=type"`
-	// status is the status of the condition (True, False, Unknown)
-	Status v1.ConditionStatus `json:"status" protobuf:"bytes,2,name=status"`
-	// lastTransitionTime is the last time the condition transitioned from
-	// one status to another
-	// +optional
-	LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,3,opt,name=lastTransitionTime"`
-	// reason is the reason for the condition's last transition.
-	// +optional
-	Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"`
-	// message is a human-readable explanation containing details about
-	// the transition
-	// +optional
-	Message string `json:"message,omitempty" protobuf:"bytes,5,opt,name=message"`
-}

vendor/k8s.io/api/autoscaling/v2beta1/types_swagger_doc_generated.go

@@ -27,18 +27,6 @@ package v2beta1
 // Those methods can be generated by using hack/update-generated-swagger-docs.sh
 
 // AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT.
-var map_ContainerResourcePolicy = map[string]string{
-	"":              "ContainerResourcePolicy controls how autoscaler computes the recommended resources for a specific container.",
-	"containerName": "Name of the container or DefaultContainerResourcePolicy, in which case the policy is used by the containers that don't have their own policy specified.",
-	"mode":          "Whether autoscaler is enabled for the container. The default is \"Auto\".",
-	"minAllowed":    "Specifies the minimal amount of resources that will be recommended for the container. The default is no minimum.",
-	"maxAllowed":    "Specifies the maximum amount of resources that will be recommended for the container. The default is no maximum.",
-}
-
-func (ContainerResourcePolicy) SwaggerDoc() map[string]string {
-	return map_ContainerResourcePolicy
-}
-
 var map_CrossVersionObjectReference = map[string]string{
 	"":           "CrossVersionObjectReference contains enough information to let you identify the referred resource.",
 	"kind":       "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds\"",
@@ -182,24 +170,6 @@ func (ObjectMetricStatus) SwaggerDoc() map[string]string {
 	return map_ObjectMetricStatus
 }
 
-var map_PodResourcePolicy = map[string]string{
-	"":                  "PodResourcePolicy controls how autoscaler computes the recommended resources for containers belonging to the pod. There can be at most one entry for every named container and optionally a single wildcard entry with `containerName` = '*', which handles all containers that don't have individual policies.",
-	"containerPolicies": "Per-container resource policies.",
-}
-
-func (PodResourcePolicy) SwaggerDoc() map[string]string {
-	return map_PodResourcePolicy
-}
-
-var map_PodUpdatePolicy = map[string]string{
-	"":           "PodUpdatePolicy describes the rules on how changes are applied to the pods.",
-	"updateMode": "Controls when autoscaler applies changes to the pod resources. The default is 'Auto'.",
-}
-
-func (PodUpdatePolicy) SwaggerDoc() map[string]string {
-	return map_PodUpdatePolicy
-}
-
 var map_PodsMetricSource = map[string]string{
 	"":                   "PodsMetricSource indicates how to scale on a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.",
 	"metricName":         "metricName is the name of the metric in question",
@@ -220,27 +190,6 @@ func (PodsMetricStatus) SwaggerDoc() map[string]string {
 	return map_PodsMetricStatus
 }
 
-var map_RecommendedContainerResources = map[string]string{
-	"":              "RecommendedContainerResources is the recommendation of resources computed by autoscaler for a specific container. Respects the container resource policy if present in the spec. In particular the recommendation is not produced for containers with `ContainerScalingMode` set to 'Off'.",
-	"containerName": "Name of the container.",
-	"target":        "Recommended amount of resources.",
-	"lowerBound":    "Minimum recommended amount of resources. This amount is not guaranteed to be sufficient for the application to operate in a stable way, however running with less resources is likely to have significant impact on performance/availability.",
-	"upperBound":    "Maximum recommended amount of resources. Any resources allocated beyond this value are likely wasted. This value may be larger than the maximum amount of application is actually capable of consuming.",
-}
-
-func (RecommendedContainerResources) SwaggerDoc() map[string]string {
-	return map_RecommendedContainerResources
-}
-
-var map_RecommendedPodResources = map[string]string{
-	"": "RecommendedPodResources is the recommendation of resources computed by autoscaler. It contains a recommendation for each container in the pod (except for those with `ContainerScalingMode` set to 'Off').",
-	"containerRecommendations": "Resources recommended by the autoscaler for each container.",
-}
-
-func (RecommendedPodResources) SwaggerDoc() map[string]string {
-	return map_RecommendedPodResources
-}
-
 var map_ResourceMetricSource = map[string]string{
 	"":     "ResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory).  The values will be averaged together before being compared to the target.  Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.  Only one \"target\" type should be set.",
 	"name": "name is the name of the resource in question.",
@@ -263,59 +212,4 @@ func (ResourceMetricStatus) SwaggerDoc() map[string]string {
 	return map_ResourceMetricStatus
 }
 
-var map_VerticalPodAutoscaler = map[string]string{
-	"":         "VerticalPodAutoscaler is the configuration for a vertical pod autoscaler, which automatically manages pod resources based on historical and real time resource utilization.",
-	"metadata": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
-	"spec":     "Specification of the behavior of the autoscaler. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.",
-	"status":   "Current information about the autoscaler.",
-}
-
-func (VerticalPodAutoscaler) SwaggerDoc() map[string]string {
-	return map_VerticalPodAutoscaler
-}
-
-var map_VerticalPodAutoscalerCondition = map[string]string{
-	"":                   "VerticalPodAutoscalerCondition describes the state of a VerticalPodAutoscaler at a certain point.",
-	"type":               "type describes the current condition",
-	"status":             "status is the status of the condition (True, False, Unknown)",
-	"lastTransitionTime": "lastTransitionTime is the last time the condition transitioned from one status to another",
-	"reason":             "reason is the reason for the condition's last transition.",
-	"message":            "message is a human-readable explanation containing details about the transition",
-}
-
-func (VerticalPodAutoscalerCondition) SwaggerDoc() map[string]string {
-	return map_VerticalPodAutoscalerCondition
-}
-
-var map_VerticalPodAutoscalerList = map[string]string{
-	"":         "VerticalPodAutoscalerList is a list of VerticalPodAutoscaler objects.",
-	"metadata": "metadata is the standard list metadata.",
-	"items":    "items is the list of vertical pod autoscaler objects.",
-}
-
-func (VerticalPodAutoscalerList) SwaggerDoc() map[string]string {
-	return map_VerticalPodAutoscalerList
-}
-
-var map_VerticalPodAutoscalerSpec = map[string]string{
-	"":               "VerticalPodAutoscalerSpec is the specification of the behavior of the autoscaler.",
-	"selector":       "A label query that determines the set of pods controlled by the Autoscaler. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors",
-	"updatePolicy":   "Describes the rules on how changes are applied to the pods. If not specified, all fields in the `PodUpdatePolicy` are set to their default values.",
-	"resourcePolicy": "Controls how the autoscaler computes recommended resources. The resource policy may be used to set constraints on the recommendations for individual containers. If not specified, the autoscaler computes recommended resources for all containers in the pod, without additional constraints.",
-}
-
-func (VerticalPodAutoscalerSpec) SwaggerDoc() map[string]string {
-	return map_VerticalPodAutoscalerSpec
-}
-
-var map_VerticalPodAutoscalerStatus = map[string]string{
-	"":               "VerticalPodAutoscalerStatus describes the runtime state of the autoscaler.",
-	"recommendation": "The most recently computed amount of resources recommended by the autoscaler for the controlled pods.",
-	"conditions":     "Conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met.",
-}
-
-func (VerticalPodAutoscalerStatus) SwaggerDoc() map[string]string {
-	return map_VerticalPodAutoscalerStatus
-}
-
 // AUTO-GENERATED FUNCTIONS END HERE

vendor/k8s.io/api/autoscaling/v2beta1/zz_generated.deepcopy.go

@@ -21,50 +21,10 @@ limitations under the License.
 package v2beta1
 
 import (
-	v1 "k8s.io/api/core/v1"
-	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ContainerResourcePolicy) DeepCopyInto(out *ContainerResourcePolicy) {
-	*out = *in
-	if in.Mode != nil {
-		in, out := &in.Mode, &out.Mode
-		if *in == nil {
-			*out = nil
-		} else {
-			*out = new(ContainerScalingMode)
-			**out = **in
-		}
-	}
-	if in.MinAllowed != nil {
-		in, out := &in.MinAllowed, &out.MinAllowed
-		*out = make(v1.ResourceList, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val.DeepCopy()
-		}
-	}
-	if in.MaxAllowed != nil {
-		in, out := &in.MaxAllowed, &out.MaxAllowed
-		*out = make(v1.ResourceList, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val.DeepCopy()
-		}
-	}
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerResourcePolicy.
-func (in *ContainerResourcePolicy) DeepCopy() *ContainerResourcePolicy {
-	if in == nil {
-		return nil
-	}
-	out := new(ContainerResourcePolicy)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *CrossVersionObjectReference) DeepCopyInto(out *CrossVersionObjectReference) {
 	*out = *in
@@ -89,7 +49,7 @@ func (in *ExternalMetricSource) DeepCopyInto(out *ExternalMetricSource) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(meta_v1.LabelSelector)
+			*out = new(v1.LabelSelector)
 			(*in).DeepCopyInto(*out)
 		}
 	}
@@ -132,7 +92,7 @@ func (in *ExternalMetricStatus) DeepCopyInto(out *ExternalMetricStatus) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(meta_v1.LabelSelector)
+			*out = new(v1.LabelSelector)
 			(*in).DeepCopyInto(*out)
 		}
 	}
@@ -457,54 +417,6 @@ func (in *ObjectMetricStatus) DeepCopy() *ObjectMetricStatus {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PodResourcePolicy) DeepCopyInto(out *PodResourcePolicy) {
-	*out = *in
-	if in.ContainerPolicies != nil {
-		in, out := &in.ContainerPolicies, &out.ContainerPolicies
-		*out = make([]ContainerResourcePolicy, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodResourcePolicy.
-func (in *PodResourcePolicy) DeepCopy() *PodResourcePolicy {
-	if in == nil {
-		return nil
-	}
-	out := new(PodResourcePolicy)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PodUpdatePolicy) DeepCopyInto(out *PodUpdatePolicy) {
-	*out = *in
-	if in.UpdateMode != nil {
-		in, out := &in.UpdateMode, &out.UpdateMode
-		if *in == nil {
-			*out = nil
-		} else {
-			*out = new(UpdateMode)
-			**out = **in
-		}
-	}
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodUpdatePolicy.
-func (in *PodUpdatePolicy) DeepCopy() *PodUpdatePolicy {
-	if in == nil {
-		return nil
-	}
-	out := new(PodUpdatePolicy)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *PodsMetricSource) DeepCopyInto(out *PodsMetricSource) {
 	*out = *in
@@ -539,66 +451,6 @@ func (in *PodsMetricStatus) DeepCopy() *PodsMetricStatus {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *RecommendedContainerResources) DeepCopyInto(out *RecommendedContainerResources) {
-	*out = *in
-	if in.Target != nil {
-		in, out := &in.Target, &out.Target
-		*out = make(v1.ResourceList, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val.DeepCopy()
-		}
-	}
-	if in.LowerBound != nil {
-		in, out := &in.LowerBound, &out.LowerBound
-		*out = make(v1.ResourceList, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val.DeepCopy()
-		}
-	}
-	if in.UpperBound != nil {
-		in, out := &in.UpperBound, &out.UpperBound
-		*out = make(v1.ResourceList, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val.DeepCopy()
-		}
-	}
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RecommendedContainerResources.
-func (in *RecommendedContainerResources) DeepCopy() *RecommendedContainerResources {
-	if in == nil {
-		return nil
-	}
-	out := new(RecommendedContainerResources)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *RecommendedPodResources) DeepCopyInto(out *RecommendedPodResources) {
-	*out = *in
-	if in.ContainerRecommendations != nil {
-		in, out := &in.ContainerRecommendations, &out.ContainerRecommendations
-		*out = make([]RecommendedContainerResources, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RecommendedPodResources.
-func (in *RecommendedPodResources) DeepCopy() *RecommendedPodResources {
-	if in == nil {
-		return nil
-	}
-	out := new(RecommendedPodResources)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ResourceMetricSource) DeepCopyInto(out *ResourceMetricSource) {
 	*out = *in
@@ -658,156 +510,3 @@ func (in *ResourceMetricStatus) DeepCopy() *ResourceMetricStatus {
 	in.DeepCopyInto(out)
 	return out
 }
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *VerticalPodAutoscaler) DeepCopyInto(out *VerticalPodAutoscaler) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	in.Status.DeepCopyInto(&out.Status)
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VerticalPodAutoscaler.
-func (in *VerticalPodAutoscaler) DeepCopy() *VerticalPodAutoscaler {
-	if in == nil {
-		return nil
-	}
-	out := new(VerticalPodAutoscaler)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *VerticalPodAutoscaler) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *VerticalPodAutoscalerCondition) DeepCopyInto(out *VerticalPodAutoscalerCondition) {
-	*out = *in
-	in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VerticalPodAutoscalerCondition.
-func (in *VerticalPodAutoscalerCondition) DeepCopy() *VerticalPodAutoscalerCondition {
-	if in == nil {
-		return nil
-	}
-	out := new(VerticalPodAutoscalerCondition)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *VerticalPodAutoscalerList) DeepCopyInto(out *VerticalPodAutoscalerList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	out.ListMeta = in.ListMeta
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]VerticalPodAutoscaler, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VerticalPodAutoscalerList.
-func (in *VerticalPodAutoscalerList) DeepCopy() *VerticalPodAutoscalerList {
-	if in == nil {
-		return nil
-	}
-	out := new(VerticalPodAutoscalerList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *VerticalPodAutoscalerList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *VerticalPodAutoscalerSpec) DeepCopyInto(out *VerticalPodAutoscalerSpec) {
-	*out = *in
-	if in.Selector != nil {
-		in, out := &in.Selector, &out.Selector
-		if *in == nil {
-			*out = nil
-		} else {
-			*out = new(meta_v1.LabelSelector)
-			(*in).DeepCopyInto(*out)
-		}
-	}
-	if in.UpdatePolicy != nil {
-		in, out := &in.UpdatePolicy, &out.UpdatePolicy
-		if *in == nil {
-			*out = nil
-		} else {
-			*out = new(PodUpdatePolicy)
-			(*in).DeepCopyInto(*out)
-		}
-	}
-	if in.ResourcePolicy != nil {
-		in, out := &in.ResourcePolicy, &out.ResourcePolicy
-		if *in == nil {
-			*out = nil
-		} else {
-			*out = new(PodResourcePolicy)
-			(*in).DeepCopyInto(*out)
-		}
-	}
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VerticalPodAutoscalerSpec.
-func (in *VerticalPodAutoscalerSpec) DeepCopy() *VerticalPodAutoscalerSpec {
-	if in == nil {
-		return nil
-	}
-	out := new(VerticalPodAutoscalerSpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *VerticalPodAutoscalerStatus) DeepCopyInto(out *VerticalPodAutoscalerStatus) {
-	*out = *in
-	if in.Recommendation != nil {
-		in, out := &in.Recommendation, &out.Recommendation
-		if *in == nil {
-			*out = nil
-		} else {
-			*out = new(RecommendedPodResources)
-			(*in).DeepCopyInto(*out)
-		}
-	}
-	if in.Conditions != nil {
-		in, out := &in.Conditions, &out.Conditions
-		*out = make([]VerticalPodAutoscalerCondition, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-	return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VerticalPodAutoscalerStatus.
-func (in *VerticalPodAutoscalerStatus) DeepCopy() *VerticalPodAutoscalerStatus {
-	if in == nil {
-		return nil
-	}
-	out := new(VerticalPodAutoscalerStatus)
-	in.DeepCopyInto(out)
-	return out
-}

vendor/k8s.io/api/core/v1/generated.proto

@@ -188,7 +188,7 @@ message CSIPersistentVolumeSource {
 
   // Filesystem type to mount.
   // Must be a filesystem type supported by the host operating system.
-  // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+  // Ex. "ext4", "xfs", "ntfs".
   // +optional
   optional string fsType = 4;
 
@@ -4509,7 +4509,7 @@ message VolumeMount {
 
   // mountPropagation determines how mounts are propagated from the host
   // to container and the other way around.
-  // When not set, MountPropagationHostToContainer is used.
+  // When not set, MountPropagationNone is used.
   // This field is beta in 1.10.
   // +optional
   optional string mountPropagation = 5;

vendor/k8s.io/api/core/v1/types.go

@@ -1607,7 +1607,7 @@ type CSIPersistentVolumeSource struct {
 
 	// Filesystem type to mount.
 	// Must be a filesystem type supported by the host operating system.
-	// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+	// Ex. "ext4", "xfs", "ntfs".
 	// +optional
 	FSType string `json:"fsType,omitempty" protobuf:"bytes,4,opt,name=fsType"`
 
@@ -1682,7 +1682,7 @@ type VolumeMount struct {
 	SubPath string `json:"subPath,omitempty" protobuf:"bytes,4,opt,name=subPath"`
 	// mountPropagation determines how mounts are propagated from the host
 	// to container and the other way around.
-	// When not set, MountPropagationHostToContainer is used.
+	// When not set, MountPropagationNone is used.
 	// This field is beta in 1.10.
 	// +optional
 	MountPropagation *MountPropagationMode `json:"mountPropagation,omitempty" protobuf:"bytes,5,opt,name=mountPropagation,casttype=MountPropagationMode"`

vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go

@@ -121,7 +121,7 @@ var map_CSIPersistentVolumeSource = map[string]string{
 	"driver":                     "Driver is the name of the driver to use for this volume. Required.",
 	"volumeHandle":               "VolumeHandle is the unique volume name returned by the CSI volume plugin’s CreateVolume to refer to the volume on all subsequent calls. Required.",
 	"readOnly":                   "Optional: The value to pass to ControllerPublishVolumeRequest. Defaults to false (read/write).",
-	"fsType":                     "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.",
+	"fsType":                     "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\".",
 	"volumeAttributes":           "Attributes of the volume to publish.",
 	"controllerPublishSecretRef": "ControllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and  may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
 	"nodeStageSecretRef":         "NodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and  may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
@@ -2230,7 +2230,7 @@ var map_VolumeMount = map[string]string{
 	"readOnly":         "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.",
 	"mountPath":        "Path within the container at which the volume should be mounted.  Must not contain ':'.",
 	"subPath":          "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).",
-	"mountPropagation": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10.",
+	"mountPropagation": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
 }
 
 func (VolumeMount) SwaggerDoc() map[string]string {

vendor/k8s.io/client-go/plugin/pkg/client/auth/exec/exec.go

@@ -20,6 +20,7 @@ import (
 	"bytes"
 	"context"
 	"crypto/tls"
+	"errors"
 	"fmt"
 	"io"
 	"net"
@@ -178,21 +179,10 @@ func (a *Authenticator) UpdateTransportConfig(c *transport.Config) error {
 		return &roundTripper{a, rt}
 	}
 
-	getCert := c.TLS.GetCert
-	c.TLS.GetCert = func() (*tls.Certificate, error) {
-		// If previous GetCert is present and returns a valid non-nil
-		// certificate, use that. Otherwise use cert from exec plugin.
-		if getCert != nil {
-			cert, err := getCert()
-			if err != nil {
-				return nil, err
-			}
-			if cert != nil {
-				return cert, nil
-			}
-		}
-		return a.cert()
+	if c.TLS.GetCert != nil {
+		return errors.New("can't add TLS certificate callback: transport.Config.TLS.GetCert already set")
 	}
+	c.TLS.GetCert = a.cert
 
 	var dial func(ctx context.Context, network, addr string) (net.Conn, error)
 	if c.Dial != nil {